Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ssh question (man-in-the-middle attack)

0 views
Skip to first unread message

Cliff Liu

unread,
Sep 27, 1999, 3:00:00 AM9/27/99
to

When I ssh to a Solaris 2.6 I got these messages:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING:
HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE
THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on
you right now (man-in-the-middle attack)! It is also possible that the
host key has just been changed. Please contact your system administrator.
Add correct host key in //.ssh/known_hosts to get rid of this message.
Agent forwarding is disabled to avoid attacks by corrupted servers. X11
forwarding is disabled to avoid attacks by corrupted servers.
Are you sure you want to continue connecting (yes/no)?

I've copied the public key for the other host to the Salaris'
/etc/ssh/ssh_known_hosts and /.ssh/known_hosts but am still getting this
message. After I entered "yes" and then the passwd I was able to connect.

Any one knows how to get rid of these message?

Thanks,

Cliff


force

unread,
Sep 27, 1999, 3:00:00 AM9/27/99
to
Cliff Liu <cl...@mantra.gsfc.nasa.gov> wrote:

: When I ssh to a Solaris 2.6 I got these messages:
: Any one knows how to get rid of these message?

Remove the hosts entry in ~/.ssh/knownhosts or don't re-install ssh ;)

--
Cheers.

Cliff Liu

unread,
Sep 28, 1999, 3:00:00 AM9/28/99
to force

I have removed all files in ~/.ssh/ (identity,identity.pub, known_hosts
and random_seed) and reinserted public key in /etc/ssh/ssh_known_hosts but
am still getting "man-in-the-middle attack" message.

Cliff

force

unread,
Sep 29, 1999, 3:00:00 AM9/29/99
to
Cliff Liu <cl...@mantra.gsfc.nasa.gov> wrote:

: I have removed all files in ~/.ssh/ (identity,identity.pub, known_hosts


: and random_seed) and reinserted public key in /etc/ssh/ssh_known_hosts but
: am still getting "man-in-the-middle attack" message.

Unless you're using an identity which must be exchanged by bother parties
(e.g. ssh user@host -i identity), there's no need to keep anything. You'll
just get ssh prompting you about the new host.

Example:

Remove the host from your ~/.ssh/known_hosts

voodoo:~$ ssh hostname
Host key not found from the list of known hosts.


Are you sure you want to continue connecting (yes/no)?

Say yes, and off you go.

--
Cheers.

0 new messages